🔒 Misconfigurations are today’s biggest cyber risk — and they’re growing fast. From cloud setups left exposed to overlooked policy errors, small mistakes are opening the door to massive breaches. I’m proud of the incredible SonicWall team for putting together the 2025 Threat

Over my career I have learned a lot of skills from CTFs that are foundational to my job today. I love seeing all the CTFs that pop up around hacker summer camp! #HackThePlanet and have a blast!

Great convo w/ @JillMalandrino on @Nasdaq #TradeTalks about the evolving cyber threat landscape + what it means for M&A, strategy & innovation. Thanks Jill for having me! 🎥 Watch the segment: https://t.co/K6cbq6UayE #Cybersecurity #CyberRisk #MAndA #NASDAQ

I am excited to be live on @TradeTalks with @JillMalandrino today at 2:15 PM ET! We’ll dive into the cyber threat landscape and what it means for the deal environment, including: - How the attack surface is evolving—and data from the SonicWall 2025 Threat Report - What the

ℹ️ Coming to RSAC™ 2025: Three cutting-edge SANS sessions lined up for Day 2 next Tuesday 🔹 Kubernetes defense w/ Eric Johnson & @thecybergoof 🔹 AI & threat modeling w/ @aboutsecurity & @fulmetalpackets 🔹 Purple teaming w/ @ErikVaBu & Jeroen Vandeleur Get the full lineup →

11 years ago, I sat in @SANSOffensive #SEC660 as a student, eager to deepen my exploitation skills and absorb everything I could from one of the best— @Steph3nSims This week, I have the honor of co-teaching that same course alongside Steve himself. From student to instructor.

🚨 NEXT WEEK, FOR ONE DAY ONLY 🚨 Join in this fun opportunity for some amazing hands-on challenges based on our SANS Offensive Operations courses! Tuesday, Mar 18, 2025 10am - 4pm EDT Details and registration here: https://t.co/AWaeGOmNUg

🚨 Software supply chain attacks are evolving—are you ready? A single compromised dependency can lead to a massive breach. In my latest @TheHackersNews article, I break down emerging threats & key defenses. Read here: 🔗 https://t.co/DPQtRYUc7y H/T @SANSOffensive

Thrilled to be back at #RSAC 2025 with @aboutsecurity! 🚀 We'll be diving into AI, automation, and threat modeling—real-world lessons from 'hacking the planet' to defend the software supply chain. See you in SF! #ThinkRedActBlue #SupplyChain #AI

📣 Starting Now! | Join @fulmetalpackets, invited speakers, and your #ThreatIntel community for Day 1 of the #CTISummit Solutions Track to explore cutting-edge #CTI solutions, research, & techniques. Register for Free & Join Here: https://t.co/RqGB9g1Bte

Looking forwards to the #CTISummit come join this fantastic lineup of speakers for free!

Join @fulmetalpackets, invited speakers, and your #ThreatIntel community for the #CTISummit Solutions Track on Jan 27-28 to explore cutting-edge #CTI solutions, research, & techniques. Register for Free: Jan 27: https://t.co/RqGB9g1Bte Jan 28: https://t.co/tNM4kMzeia

📣 The #AISummit Call for Presentations is OPEN! If you have practical approaches that demonstrate the application of #AI and #MachineLearning into daily cybersecurity tasks — we want to hear from you! ➡️ Learn More & Submit by Friday, December 20: https://t.co/Jio7KMBgoV

These are by far my favorite part of speaking at Hackfest - love the drawings!

Speaking at @SANSOffensive Hackfest 2024 in just a few hours! You can register for FREE still to watch all of the great presentations. Come check it out! https://t.co/tRrN1tp5y3

The first step in a strong cybersecurity defensive strategy is ensuring you have the right threat intelligence. I am proud of my team at @SonicWall for continuing to release the latest trends we are seeing, this time specific to the healthcare industry. Check out the link below!

It was an absolute pleasure to discuss with @j_scott_writer the current state of the healthcare industry from a cybersecurity perspective and what @SonicWall is seeing in our data. There is so much to unpack! Healthcare has made great strides in improving their security, but

One of my favorite topics and it only gets better when I’m joined by industry expert @Steph3nSims! Tune in to learn just how easy it can be to understand these undocumented protocols.

Join me tomorrow (Friday) at 11AM PT on the Off By One Security (@offby1security) stream with @fulmetalpackets to talk about how to identify and dissect undocumented network protocols. Link coming shortly!

It's time to take a closer look at CVE-2024-38063 (Windows TCPIP RCE). I usually don't post partial analysis but since most available info is unreliable I'll do my best to try and shed some light. This time I'll focus on my workflow and thought process as we go. 🧵